<?php

namespace common\components;

use \yii\rest\ActiveController;
use yii\web\Request;
use Yii;
use \common\helps\code;
use \common\helps\tools;
use yii\db\Query;


/**
 * Class BaseController
 *
 * @package \\${NAMESPACE}
 */
class FrontBaseController extends ActiveController
{

    protected $request;//请求对象
    protected $session;//session对象
    public    $pageSize;//数据返回条数
    public    $user_id=''; //当前登录的用户id
    public    $userAuth = [];//当前权限组
    public    $userAuthMenu = [];//当前树型权限结构
    public    $enableAuth = true;//是否验证当前控制器方法
    public    $m, $c, $a;//moduleName, controllerName, actionName
    public    $noCheckAction = ['admin/modify-self-password','admin/user-self-info-edit','admin/get-user-info']; //用于特殊动作不需要验证权限


    /**
     * 基础控制器初始化
     * @author hey_heyang(635870453@qq.com)
     */
    public function init(){  // 做初始化处理
        $this->_header();
        $this->request = \Yii::$app->getRequest();
        $this->session = \Yii::$app->getSession();
        parent::init();
    }

    /**
     * 动作验证
     * @param $action
     * @author hey_heyang(635870453@qq.com)
     */
    public function beforeAction($action){
        if (!$this->enableAuth){
            return true;
        }else {
//          此处需要处理前端token与user_id的匹配
//            $this->tokenVerify();
            return true;
        }
    }

    /*
     * 登录token验证
     * @param Request $request
     * @author cpy(1442435897@qq.com)
     * @return Json
     */
    public function tokenVerify(){
        $headers = Yii::$app->request->headers;
        $request =  Yii::$app->request;
        $session = Yii::$app->session;
        $model = new \backend\models\Admin();
        $token='';
        if(!empty($headers->get('token'))){
            $token =$headers->get('token');
        }elseif(!empty($request->get('token'))){
            $token =$request->get('token');
        }elseif(!empty($request->post('token'))){
            $token =$request->post('token');
        }

        if ($token) {
            $admin_id = $session->get('user_id');
            if(empty($admin_id)){
                echo json_encode($this->returnMsg(code::error('login_error', '请重新登录')));die;
            }
            $admin = $session->get('admin_id');
            if(!empty($admin['expire_time']) && $admin['expire_time'] < time()){
                echo json_encode($this->returnMsg(code::error('login_error', '请重新登录！')));die;
            }
            $info = $model::findOne(['token' => $token]);
            if(empty($info)){
                echo json_encode($this->returnMsg(code::error('login_error', '用户不存在，请重新登录')));die;
            }
            if($info['id'] != $admin_id){
                echo json_encode($this->returnMsg(code::error('login_error', '用户错误')));die;
            }
            $data = [
                'id' => $admin_id,  //数据
                'expire_time' => time() + 3600, //这里设置10秒过期
            ];
            $session['admin_id'] = $data;
        }else{
            echo json_encode($this->returnMsg(code::error('login_error', '请登录')));die;
        }
        $this->user_id=$admin_id;
        return true;
    }

    public function returnMsg($data){
        $res = [
            'success' => true,
            'code' => 200,
            'message' => 'OK',
            'data' => $data,
        ];
        return $res;
    }

    /**
     * 处理跨域
     * @author hey_heyang
     */
    private function _header()
    {
        header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, company-id, source, source-url, access-token, store-id");
        header('Access-Control-Allow-Origin: *');
        header('Access-Control-Max-Age: 3628800');
        header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
    }

}
